Daily Security Feed - 2026-05-11

Security Feed Digest (2026-05-11)

Hacker News: Best

• TanStack NPM Packages Compromised — Mon, 11 May 2026 21:08:25 +0000
• GitLab Announces Workforce Reduction and End of Their CREDIT Values — Mon, 11 May 2026 20:51:57 +0000
• Can someone please explain whether Cloudflare blackmailed Canonical? — Mon, 11 May 2026 18:12:38 +0000
• CUDA-oxide: Nvidia’s official Rust to CUDA compiler — Mon, 11 May 2026 15:55:07 +0000
• Software engineering may no longer be a lifetime career — Mon, 11 May 2026 14:34:08 +0000
• Ratty – A terminal emulator with inline 3D graphics — Mon, 11 May 2026 10:13:04 +0000
• A.I. note takers are making lawyers nervous — Mon, 11 May 2026 10:04:47 +0000
• Gmail registration now requires scanning a QR code and sending a text message — Mon, 11 May 2026 07:26:54 +0000
• Mythos Finds a Curl Vulnerability — Mon, 11 May 2026 06:39:08 +0000
• The greatest shot in television: James Burke had one chance to nail this scene (2024) — Mon, 11 May 2026 02:43:34 +0000
• I’m going back to writing code by hand — Mon, 11 May 2026 01:23:51 +0000
• An AI coding agent, used to write code, needs to reduce your maintenance costs — Sun, 10 May 2026 23:39:55 +0000
• Running local models on an M4 with 24GB memory — Sun, 10 May 2026 23:09:10 +0000
• Obsidian plugin was abused to deploy a remote access trojan — Sun, 10 May 2026 22:02:43 +0000
• Maryland citizens hit with $2B power grid upgrade for out-of-state AI — Sun, 10 May 2026 21:16:58 +0000
• Ask HN: What are you working on? (May 2026) — Sun, 10 May 2026 17:34:41 +0000
• Training an LLM in Swift, Part 1: Taking matrix mult from Gflop/s to Tflop/s — Sun, 10 May 2026 17:05:05 +0000
• The locals don’t know — Sun, 10 May 2026 16:03:37 +0000
• Think Linear Algebra (2023) — Sun, 10 May 2026 09:40:33 +0000

BleepingComputer

• GM agrees to $12.75M California settlement over sale of drivers’ data — Mon, 11 May 2026 18:40:34 -0400
• Official CheckMarx Jenkins package compromised with infostealer — Mon, 11 May 2026 18:03:06 -0400
• New GhostLock tool abuses Windows API to block file access — Mon, 11 May 2026 18:02:00 -0400
• Instructure confirms hackers used Canvas flaw to deface portals — Mon, 11 May 2026 11:26:26 -0400
• Why Changing Passwords Doesn’t End an Active Directory Breach — Mon, 11 May 2026 09:53:56 -0400
• Google: Hackers used AI to develop zero-day exploit for web admin tool — Mon, 11 May 2026 09:02:30 -0400
• Webinar this week: Prevention alone is not enough against modern attacks — Mon, 11 May 2026 08:30:00 -0400
• TrickMo Android banker adopts TON blockchain for covert comms — Mon, 11 May 2026 05:03:02 -0400

Darkreading

• FCC Softens Ban on Foreign-Made Routers — Mon, 11 May 2026 21:15:48 GMT
• Tech Can’t Stop These Threats — Your People Can — Mon, 11 May 2026 19:50:20 GMT
• ‘Dirty Frag’ Exploit Poised to Blow Up on Enterprise Linux Distros — Mon, 11 May 2026 15:05:45 GMT
• Hackers Use AI for Exploit Development, Attack Automation — Mon, 11 May 2026 13:00:00 GMT
• Cyber Espionage Group Targets Aviation Firms to Steal Map Data — Mon, 11 May 2026 12:00:00 GMT

The Hacker News

• TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack — Tue, 12 May 2026 00:00:00 +0530
• cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor — Mon, 11 May 2026 23:24:00 +0530
• Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation — Mon, 11 May 2026 21:15:00 +0530
• ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More — Mon, 11 May 2026 18:06:00 +0530
• Your Purple Team Isn’t Purple — It’s Just Red and Blue in the Same Room — Mon, 11 May 2026 17:00:00 +0530
• Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads — Mon, 11 May 2026 12:35:00 +0530

데일리시큐 - 최근인기기사

• 오픈AI, GPT-5.5 사이버 보안 활용 확대…검증된 방어자 중심 접근 강화 — 2026-05-11 11:58:57
• 해킹보다 무서운 내부자 보복, 쿠팡은 퇴사자 서명키 악용…미국은 해고 통보 중 정부 데이터베이스 삭제 — 2026-05-11 15:21:50
• 랜섬웨어 몸값 지불률 하락세에 내부자 매수로 방향 튼 공격자들 — 2026-05-11 17:24:08
• 카스퍼스키, 인터폴과 AFCON 사이버 보안 협력…유출 계정 211만 건 식별 — 2026-05-11 11:37:35
• AI가 앞당긴 보안취약점 패치 전쟁…미 정부, ‘악용 취약점 3일 내 조치’ 검토 — 2026-05-11 15:44:14

보안뉴스 > SECURITY

• [한국정보공학기술사 보안을 論하다-38] AI 거버넌스, 보안과 함께 작동해야 한다 — Mon, 11 May 2026 17:55:00 +0900
• [신간] ‘달리는 호모 사피엔스’ — Mon, 11 May 2026 17:50:00 +0900
• 다온기술, CAASM 핵심 기술 특허 5건 확보… 미식별 자산 탐지부터 위험 기반 운영까지 자체 기술화 — Mon, 11 May 2026 17:19:00 +0900
• “AI CCTV가 하천 고립사고 막는다” 서울시, 풍수해 대응 강화 — Mon, 11 May 2026 16:53:00 +0900
• 위험할 때 버튼 한 번… 강력범죄 불안에 ‘안심헬프미’ 신청 급증 — Mon, 11 May 2026 16:49:00 +0900
• 금융보안원, 스마트 컨트랙트 보안 검증 도구 개발… “디지털자산 신뢰 제고” — Mon, 11 May 2026 16:47:00 +0900
• SK쉴더스, 기업 보안 실무자 대상 ‘생성형 AI’ 실전 훈련 가동 — Mon, 11 May 2026 16:41:00 +0900
• 앤트로픽 만난 정부 “취약점 공개 대응 위한 정보 공유 요청” — Mon, 11 May 2026 15:47:00 +0900
• [배종찬의 보안 빅데이터] AI 해킹을 AI 보안이 막을 수 있나 — Mon, 11 May 2026 15:21:00 +0900
• ‘숨고’, 개인정보 유출 의심 정황 공지… 선제적 대응 착수 — Mon, 11 May 2026 14:27:00 +0900